The wp-live-chat-support plugin before 7.1.03 for WordPress has XSS.

CVE-2017-18508: 3CX Free Live Chat

The wp-database-backup plugin before 5.1.2 for WordPress has XSS.

*   Details
*   Reviews
*   Installation
*   Development

WP Database Backup plugin helps you to create Database Backup and Restore Database Backup easily on single click. Manual or Automated Database Backups And also store database backup on safe place- Dropbox,FTP,Email,Google drive, Amazon S3

**Features**

*   Create Database Backup  
    WP Database Backup plugin helps you to create Database Backup easily on single click.
*   Auto Backup  
    Backup automatically on a repeating **schedule**
*   Download backup file direct from your WordPress dashboard
*   Easy To Install(Very easy to use)  
    WP Database Backup is super easy to install.
*   Simple to configure(very less configuration), less than a minute.
*   Restore Database Backup  
    WP Database Backup plugin helps you to Restore Database Backup easily on single click.
*   Multiple storage destinations
*   Store database backup on safe place- **Dropbox, Google drive, Amazon s3,FTP,Email**
*   Reporting- Sends emailed backups and backup reports to any email addresses
*   **Exclude Table**
*   Database backup list pagination
*   Search and Replace in database backup file.
*   Search backup from list(Date/ Database Size)
*   Sort backup list (Date/ Database Size)
*   Save database backup file in zip format on local server And Send database backup file to destination in zip format
*   Documentation

**Support**

*   https://backupforwp.com/support

1.  Download the plugin file, unzip and place it in your wp-content/plugins/ folder. You can alternatively upload it via the WordPress plugin backend.
2.  Activate the plugin through the ‘Plugins’ menu in WordPress.
3.  WP Database Backup menu will appear in Dashboard->Backups. Click on it & get started to use.

**How to create database Backup?**

Follow the steps listed below to Create Database Backup

Create Backup:

1) Click on Create New Database Backup

2) Download Database Backup file.

**How to restore database backup?**

Restore Backup:

Click on Restore Database Backup

OR

1)Login to phpMyAdmin

2)Click Databases and select the database that you will be importing your data into.

3)Across the top of the screen will be a row of tabs. Click the Import tab.

4)On the next screen will be a location of text file box, and next to that a button named Browse.

5)Click Browse. Locate the backup file stored on your computer.

6)Click the Go button

**Always get an empty (0 bits) backup file?**

This is generally caused by an access denied problem.

You don’t have permission to write in the wp-content/uploads.

Please check if you have the read write permission on the folder.

**On Click Create New Database Backup it goes to blank page**

if the site is very large, it takes time to create the database backup. And if the server execution time is set to low value, you get go to blank page.  
There may be chance your server max execution time is 30 second. Please check debug log file.  
You will need to ask your hosting services to increase the execution time and the plugin will work fine for large data.  
You can also try to increase execution time. Please make below changes – Add below line

php.ini

max\_execution\_time = 180 ;

Also Please make sure that you have write permission to Backup folder and also check your log file.

**Want more features?**

If you want more features then please contact us at

Very good tool, it does its job as describe.

Easy to use UI and just does the job nicely ! Great Plugin 🙂

Great backup plugin with an overall great and useable interface.

I don't know why, but with Wordpress 5.9 this plugin is broken.

WP Database Backup is all that you need to make database backups. This is really an amazing plugin, probably the best plugin to back up a WordPress database. I really love the scheduling feature. Just a question, does it offer an API to schedule the backups using an external cron? It would be great if you can trigger the automatic backups using the cron of the server instead of the inbuilt WP cron. Because all the pages are served by server cache, I would prefer an external cron.

Does not restore the database. Had to restore it using phpmyadmin. Scheduler does not work as intended. Just keep taking hourly backups. You can't set it to twice daily or daily etc. Author does not respond to queries in support forum on time.

Read all 72 reviews

“WP Database Backup – Unlimited Database & Files Backup by Backup for WP” is open source software. The following people have contributed to this plugin.

Contributors

CVE-2019-14949: WP Database Backup – Unlimited Database & Files Backup by Backup for WP

An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could include sensitive configuration or other data.

*   Products
    *   Openwall GNU/\*/Linux   _server OS_
    *   Linux Kernel Runtime Guard
    *   John the Ripper   _password cracker_
        *   Free & Open Source for any platform
        *   in the cloud
        *   Pro for Linux
        *   Pro for macOS
    *   Wordlists   _for password cracking_
    *   passwdqc   _policy enforcement_
        *   Free & Open Source for Unix
        *   Pro for Windows (Active Directory)
    *   yescrypt   _KDF & password hashing_
    *   yespower   _Proof-of-Work (PoW)_
    *   crypt\_blowfish   _password hashing_
    *   phpass   _ditto in PHP_
    *   tcb   _better password shadowing_
    *   Pluggable Authentication Modules
    *   scanlogd   _port scan detector_
    *   popa3d   _tiny POP3 daemon_
    *   blists   _web interface to mailing lists_
    *   msulogin   _single user mode login_
    *   php\_mt\_seed   _mt\_rand() cracker_
*   Services
*   Publications
    *   Articles
    *   Presentations
*   Resources
    *   Mailing lists
    *   Community wiki
    *   Source code repositories (GitHub)
    *   Source code repositories (CVSweb)
    *   File archive & mirrors
    *   How to verify digital signatures
    *   OVE IDs
*   What's new

CVE-2019-14433: security - [OSSA-2019-003] Nova Server Resource Faults Leak External Exception Details (CVE-2019-14433)

The FV Flowplayer Video Player plugin before 7.3.14.727 for WordPress allows email subscription XSS.

CVE-2019-14799: FV Flowplayer Video Player

The Tribulant Newsletters plugin before 4.6.19 for WordPress allows XSS via the wp-admin/admin-ajax.php?action=newsletters_load_new_editor contentarea parameter.

CVE-2019-14787: Newsletters

The codection "Import users from CSV with meta" plugin before 1.14.2.2 for WordPress allows wp-admin/admin-ajax.php?action=acui_delete_attachment CSRF.

CVE-2019-14683: Import and export users and customers

The woo-variation-swatches (aka Variation Swatches for WooCommerce) plugin 1.0.61 for WordPress allows XSS via the wp-admin/admin.php?page=woo-variation-swatches-settings tab parameter.

CVE-2019-14774

The PHP JOSE Library by Gree Inc. before version 2.2.1 is vulnerable to key confusion/algorithm substitution in the JWS component resulting in bypassing the signature verification via crafted tokens.

@@ -122,14 +122,20 @@ private function \_verify($public\_key\_or\_secret, $expected\_alg = null) { $segments = explode('.', $this\->raw); $signature\_base\_string = implode('.', array($segments\[0\], $segments\[1\])); if (!$expected\_alg) { \# NOTE: might better to warn here $expected\_alg = $this\->header\['alg'\]; $using\_autodetected\_alg = true; } switch ($expected\_alg) { case 'HS256': case 'HS384': case 'HS512': return $this\->signature === hash\_hmac($this\->digest(), $signature\_base\_string, $public\_key\_or\_secret, true); if ($using\_autodetected\_alg) { throw new JOSE\_Exception\_UnexpectedAlgorithm( 'HMAC algs MUST be explicitly specified as $expected\_alg' ); } $hmac\_hash = hash\_hmac($this\->digest(), $signature\_base\_string, $public\_key\_or\_secret, true); return hash\_equals($this\->signature, $hmac\_hash); case 'RS256': case 'RS384': case 'RS512':

CVE-2016-5431: explicit alg check & secure hash comparison · nov/jose-php@1cce55e

musl libc through 1.1.23 has an x87 floating-point stack adjustment imbalance, related to the math/i386/ directory. In some cases, use of this library could introduce out-of-bounds writes that are not present in an application's source code.

*   Products
    *   Openwall GNU/\*/Linux   _server OS_
    *   Linux Kernel Runtime Guard
    *   John the Ripper   _password cracker_
        *   Free & Open Source for any platform
        *   in the cloud
        *   Pro for Linux
        *   Pro for macOS
    *   Wordlists   _for password cracking_
    *   passwdqc   _policy enforcement_
        *   Free & Open Source for Unix
        *   Pro for Windows (Active Directory)
    *   yescrypt   _KDF & password hashing_
    *   yespower   _Proof-of-Work (PoW)_
    *   crypt\_blowfish   _password hashing_
    *   phpass   _ditto in PHP_
    *   tcb   _better password shadowing_
    *   Pluggable Authentication Modules
    *   scanlogd   _port scan detector_
    *   popa3d   _tiny POP3 daemon_
    *   blists   _web interface to mailing lists_
    *   msulogin   _single user mode login_
    *   php\_mt\_seed   _mt\_rand() cracker_
*   Services
*   Publications
    *   Articles
    *   Presentations
*   Resources
    *   Mailing lists
    *   Community wiki
    *   Source code repositories (GitHub)
    *   Source code repositories (CVSweb)
    *   File archive & mirrors
    *   How to verify digital signatures
    *   OVE IDs
*   What's new

\[<prev\] \[next>\] \[<thread-prev\] \[thread-next>\] \[day\] \[month\] \[year\] \[list\]

Date: Mon, 5 Aug 2019 20:05:39 -0400
From: Rich Felker <dalias@...c.org>
To: oss-security@...ts.openwall.com
Cc: musl@...ts.openwall.com
Subject: Re: CVE request: musl libc 1.1.23 and earlier x87 float stack
 imbalance

On Mon, Aug 05, 2019 at 07:27:37PM -0400, Rich Felker wrote:
> I've discovered a flaw in musl libc's arch-specific math assembly code
> for i386, whereby at least the log1p function and possibly others
> return with more than one item on the x87 stack. This can lead to x87
> stack overflow in the execution of subsequent math code, causing it to
> incorrectly produce a NAN in place of the actual result. If floating
> point results are used in flow control, this can lead to runaway wrong
> code execution. For example, in Python (version 3.6.8 tested), at
> least one code path of the dtoa function becomes an infinite loop
> performing what's effectively an unbounded-length memset when entered
> under such a condition.
> 
> This bug is potentially exploitable in software which calls affected
> math functions with inputs under user control. Impact depends on how
> the application handles the ABI-violating x87 state; in Python it
> seems to be limited to producing a crash.
> 
> The bug is present in all versions after 0.9.12, up through the
> current (1.1.23) release. Only 32-bit x86 systems (aka IA32, musl's
> "i386" arch) are affected. Users of other archs, including x86\_64, can
> safely ignore this issue.
> 
> Affected users are advised to apply the following patch:
> 
> https://git.musl-libc.org/cgit/musl/patch/?id=f3ed8bfe8a82af1870ddc8696ed4cc1d5aa6b441

The patch contains an error that was missed for unknown reasons,
probably failure to rebuild a file. I'm attaching an aggregate patch
that works. Alternaatively, these two commits can be applied:

https://git.musl-libc.org/cgit/musl/patch/?id=f3ed8bfe8a82af1870ddc8696ed4cc1d5aa6b441
https://git.musl-libc.org/cgit/musl/patch/?id=6818c31c9bc4bbad5357f1de14bedf781e5b349e

**View attachment "**x87\_stack\_bug.diff**" of type "**text/plain**" (3105 bytes)**

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.

CVE-2019-14697: Re: CVE request: musl libc 1.1.23 and earlier x87 float stack imbalance

A SQL injection vulnerability exists in the 10Web Photo Gallery plugin before 1.5.31 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via filemanager/model.php.

Timestamp:

07/25/2019 09:33:24 AM (4 years ago)

webdorado

Message:

Fixed: security issue  

Location:

photo-gallery/trunk

Files:

  

*   filemanager/model.php (2 diffs)
*   photo-gallery.php (2 diffs)
*   readme.txt (2 diffs)

**Legend:**

Unmodified

Added

Removed

*   **photo-gallery/trunk/filemanager/model.php**
    
    r2087021
    
    r2128378
    
     
    
    50
    
    50
    
            $orderby = $params\['orderby'\];
    
    51
    
    51
    
            $order = $params\['order'\];
    
     
    
    52
    
        if ( $orderby != 'size' && $orderby != 'name' ) {
    
     
    
    53
    
          $orderby = 'date\_modified';
    
     
    
    54
    
        }
    
     
    
    55
    
        if ( $order != 'asc' ) {
    
     
    
    56
    
          $order = 'desc';
    
     
    
    57
    
        }
    
    52
    
    58
    
            $search = $params\['search'\];
    
    53
    
    59
    
            $page\_num = $params\['page\_num'\];
    
    …
    
    …
    
     
    
    149
    
    155
    
            $orderby = $params\['orderby'\];
    
    150
    
    156
    
            $order = $params\['order'\];
    
     
    
    157
    
        if ( $orderby != 'size' && $orderby != 'name' ) {
    
     
    
    158
    
          $orderby = 'date\_modified';
    
     
    
    159
    
        }
    
     
    
    160
    
        if ( $order != 'asc' ) {
    
     
    
    161
    
          $order = 'desc';
    
     
    
    162
    
        }
    
    151
    
    163
    
    152
    
    164
    
            $query  = ' SELECT \* FROM \`' . $wpdb->prefix . 'bwg\_file\_paths\`';
    
*   **photo-gallery/trunk/photo-gallery.php**
    
    r2120867
    
    r2128378
    
     
    
    4
    
    4
    
     \* Plugin URI: https://10web.io/plugins/wordpress-photo-gallery/?utm\_source=photo\_gallery&utm\_medium=free\_plugin
    
    5
    
    5
    
     \* Description: This plugin is a fully responsive gallery plugin with advanced functionality.  It allows having different image galleries for your posts and pages. You can create unlimited number of galleries, combine them into albums, and provide descriptions and tags.
    
    6
    
     
    
     \* Version: 1.5.30
    
     
    
    6
    
     \* Version: 1.5.31
    
    7
    
    7
    
     \* Author: Photo Gallery Team
    
    8
    
    8
    
     \* Author URI: https://10web.io/plugins/?utm\_source=photo\_gallery&utm\_medium=free\_plugin
    
    …
    
    …
    
     
    
    85
    
    85
    
        $this->plugin\_url = plugins\_url(plugin\_basename(dirname(\_\_FILE\_\_)));
    
    86
    
    86
    
        $this->main\_file = plugin\_basename(\_\_FILE\_\_);
    
    87
    
     
    
        $this->plugin\_version = '1.5.30';
    
    88
    
     
    
        $this->db\_version = '1.5.30';
    
     
    
    87
    
        $this->plugin\_version = '1.5.31';
    
     
    
    88
    
        $this->db\_version = '1.5.31';
    
    89
    
    89
    
        $this->prefix = 'bwg';
    
    90
    
    90
    
        $this->nicename = \_\_('Photo Gallery', $this->prefix);
    
*   **photo-gallery/trunk/readme.txt**
    
    r2120867
    
    r2128378
    
     
    
    4
    
    4
    
    Requires at least: 3.4
    
    5
    
    5
    
    Tested up to: 5.2
    
    6
    
     
    
    Stable tag: 1.5.30
    
     
    
    6
    
    Stable tag: 1.5.31
    
    7
    
    7
    
    License: GPLv2 or later
    
    8
    
    8
    
    License URI: http://www.gnu.org/licenses/gpl-2.0.html
    
    …
    
    …
    
     
    
    282
    
    282
    
    283
    
    283
    
    \== Changelog ==
    
     
    
    284
    
     
    
    285
    
    \= 1.5.31 =
    
     
    
    286
    
    \* Fixed: Vulnerability.
    
    284
    
    287
    
    285
    
    288
    
    \= 1.5.30 =
    

**Note:** See TracChangeset for help on using the changeset viewer.

Tag

#php